Some 18 months on from the failed American Data Privacy and Protection Act (ADPPA), there is another proposed federal privacy law. House and Senate committee leads released a new proposal for the bipartisan American Privacy Records Act (APRA) on April 7. There is a lot of discussion around this bill, which is subject to change

Since the Securities and Exchange Commission’s Cybersecurity Incident Disclosure Rule (SEC Rule) took effect Dec. 18, 2023, about a dozen companies have filed a Form 8-K reporting a material cybersecurity incident. This GT Alert discusses the trends on how companies have made these disclosures thus far. In short, the companies who have filed an 8-K

On April 17, 2023, the Washington State Legislature passed the “My Health My Data Act” (WMHMDA or the Act), which took effect for most companies March 31, 2024. Unlike other modern state privacy laws that purport to regulate any collection of “personal data,” WMHMDA confers privacy protections only upon “consumer health data.” This

On March 22, 2024, the centralized regulator of cyber and data security, the Cybersecurity Administration of China (CAC), published the Provisions on Promoting and Regulating the Cross-border Flow of Data (New Provisions), relaxing the existing requirements relating to cross-border data transfers. The New Provisions took immediate effect on March 22, 2024.

Continue reading the full

On 13 March 2024, the European Parliament adopted the AI Act. Since the EU Commission presented its first draft almost three years ago, the use of AI and general purpose AI models has increased significantly. Hence, the regulatory proposal was (and still is) the subject of hefty debate.

Continue reading the full GT Alert.

Data Privacy & Cybersecurity Shareholders Todd Basile and Tyler Thompson will present the CLE webinar, “Roadblocks and Turbulence: Data Issues in Autonomous Vehicles, UAVs, and More,” on Wednesday, March 13.

Data is critical to the burgeoning autonomous and unmanned vehicle spaces. Whether by land, sea, or air, data is both the fuel and the

On February 28 President Biden issued an Executive Order “to protect Americans’ sensitive personal data from exploitation by countries of concern.” (EO 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data by Countries of Concern.”)

On March 5 the National Security Division of the Department of Justice (DOJ) published an advanced notice of proposed rulemaking

Jena M. Valdetero, Co-Chair of the firm’s Data Privacy and Cybersecurity Practice, and Steven M. Malina, a member of GT’s Litigation Practice, were quoted in a Dark Reading article titled “Orgs Face Major SEC Penalties for Failing to Disclose Breaches.”

Click here to read the full article, published by Dark Reading

On Oct. 27, 2023, the Federal Trade Commission (FTC) amended its Standards for Safeguarding Customer Information (the Safeguards Rule), promulgated under the Gramm-Leach-Bliley Act (GLBA), to require financial institutions to provide notice to the FTC of data breaches that impact 500 or more consumers (the Amendment). This comes after the FTC’s major update to the

Greenberg Traurig Data Privacy & Cybersecurity attorneys Tyler Thompson and Andrea Maciejewski will present the CLE webinar “An Old (Data) Dog’s New Tricks: How Retro Laws are Being Used to Create Modern Risk” Nov. 14 at 12:00 p.m. EST. With increased focus on data issues but limited avenues to bring claims, both plaintiff firms